Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.sabrinapratos.ind.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 28, 2025
Valid Until
February 26, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
37:69:1A:CE:55:42:F3:D5:5A:52:4B:A0:D5:A0:65:C0:1E:97:FD:38:75:39:6B:6A:1C:2F:EC:A7:0A:AF:7F:1F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.tumblepod.com
0xts.dev
www.accolibra.com
aduant.com
agustipc.dev
algoltech.com.br
sat.almeraim.com
www.alnitek.com
alqalam2.ma
www.arisecontractors.com
aroa.dev
wallet-transfer-tst.astropay.com
www.asukaur.com
bargybud.com
app.beatbiker.com
r365.betheshow.media
bonestudio.online
thanos.briowireless.com
chalatex.com
www.chattooga-ga-sheriff.org
www.codedvelocity.com
www.codereis.com
elbertcountynews.column.us
www.domotic-control.com.ec
sanitastravel.com.tr
copticconfession.site
www.courses4arab.com
creadora.shop
www.cyberx8t.org
daleleeguide.com
demo.flexcards.darwinz.ai
blog.davidgranado.com
docs.dcupl.com
diablo-tools.com
customerinvoice.ehryourway.com
www.erettsegigyakorlo.hu
admin.ezboxmedia.com
fbceclectic.com
flowductive.com
www.foxpaint.se
get-testing.fresbopixel.com
app.dev.bietdoi.funzy.vn
nabatat-presentation.gda.sa
go-tec.cl
www.goktugyumusak.site
now.gowit.us
gujaratpolysol.com
hkg109.monster
www.honketech.cz
terms.hyqoo.com
staging.ilutor.ng
www.sabrinapratos.ind.br
dev.indoorski-arnhem.nl
samsungbenelux.invue-live.com
www.jesustorreiro.com
staging.jinbupal.com
clwm.jiro.gg
test.kathleenstout.nl
kooberengineering.com
www.lea-a-tom.cz
post.letsfame.com
auth.test.limber.work
www.lyfeplanner.com
mrparmo.megapos.store
t-c.michele40.it
motows.com
my-alert.be
nala-ai.org
oldiberdi.uz
otaku.ma
pentonomy.com
myq.portfoliolink.co.za
auth.powerpost-ai.com
pug.chat
dev.admin.renaultplr.com.br
stashify.rustinedave.com
arsskyrsla2023.samorka.is
api-qa.saudigamer.com
schmittding.com
redmine.skazy.cloud
smartsync-labs.co
atcoder-anytime.sonoapp.page
sfr-business-app.speakylink.com
bucknelltrivia.sqwadhq.com
strategiz.io
go.theseniorscoop.com
www.theswanginbros.com
www.tleilax.com
tljgroup-order.com
tradexagent.site
www.tradexagent.site
trespasserswillberecruited.com
triclubchallenge.com
vipintergroup.com
nt2025-webapi.labs.websheet.io
whenhestill.com
wsgroup.se
www.xpstudios.co
spolujizda.yedem.cz
www.zrussro.cz
Other domains in certificate